find-skills

Security checks across malware telemetry and agentic risk

Overview

This is a simple instruction-only skill for finding and installing other skills, with disclosed but important cautions around broad activation and global installs.

Use this as a discovery helper. Before installing anything it finds, review the skill name, repository/source, and whether you want a global install; avoid `-y` unless you are comfortable skipping the CLI's confirmation prompt.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description uses broad discovery-oriented trigger language like 'how do I do X' and 'can you do X', which can cause the skill to activate for many general-help requests rather than only true skill-discovery intents. This is dangerous because it can steer routine conversations toward package discovery and installation workflows, increasing the chance of unnecessary exposure to third-party skill suggestions and follow-on install actions.

Vague Triggers

Medium
Confidence: 92%
Finding
The invocation guidance lists many broad situations where the skill should be used but does not define boundaries or counterexamples, so the agent may invoke this skill when the user simply wants direct help. In this context, over-invocation is more dangerous because the skill leads into a package ecosystem and later recommends install commands, creating a pathway from ambiguous user intent to software installation behavior.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the agent to offer installation using `npx skills add <owner/repo@skill> -g -y`, which performs a global install and suppresses confirmation prompts without a prominent warning about system-wide changes or trust implications of third-party packages. This is dangerous because it normalizes silent installation of externally sourced code, reducing user awareness and increasing the risk of accidental or unsafe package installation.

VirusTotal

64/64 vendors flagged this skill as clean.
